I’ve seen quite a few very nice bits of social engineering in email viruses lately, including things like a faked From: support@microsoft.com, but the very best I’ve ever seen just arrived:

From: MAILER-DAEMON
Subject: Undelivered Mail Returned to Sender

There were errors processing you mail. Please, read detailed information in the attachment

with an attachment named error.hta. Very nicely done. Of course, that’s MAILER-DAEMON@yahoo.com, the grammatical errors in the body grated on my one remaining nerve, and you and I are probably in a tiny minority actually knowing what an .hta really is, and why we’re not about to look at one. Still, very cunning bit of work, and if they’ve got a good enough payload, I predict a nice run for whatever it is (after all the Klez-related hits I got during it’s first outbreak, even if I had bothered to search for a name for it, I wouldn’t be posting it).

This entry was posted
on Thursday, May 22nd, 2003 at 8:34 pm and is filed under random linkage.
You can follow any responses to this entry through the post feed.
You can skip to the end and leave a response. Pinging is currently not allowed.

”HTML Application”. Basically a web page launched from the local machine, without security restrictions. See MSDN.

—

Phil, you’ve got serious CSS problems. In WinXP/IE6, the page ends at the bottom of your gray right bar. Impossible to scroll beyond. You’ve also got the old div-wraps-below-other-div issue in Moz/WinXP when the browser window is resized.

I thought I had IE’s problem fixed with the paradoxical ”use an XML declaration, get quirks mode” trick, but the problem seems to have returned when I took a bunch of tiresome hacks that I barely understood out of my CSS. Given that there is actually a solution (hit F11 twice, to cycle in and out of full-screen mode), the only fix that I will accept in my current mood is one which doesn’t involve adding a single non-semantic tag to the HTML, and doesn’t involve adding a single hack to the CSS that I won’t be able to understand in six months. I’m afraid I’m just really tired of seeing double-divs just so one can have the margins and borders, and the other can have a width, and seeing CSS that’s an incomprehensible spew of punctuation trying to work around every bug in every browser. Maybe someday I’ll go back to thinking of that as fun, but right now it just annoys me.

Catching up on a few links: Can’t remember where I originally found a reference to this, but Web Search for a Planet: The Google Cluster Architecure is the best writeup I’ve seen to date of the Google architecture, no surprise since it’s authors are th…